Chances are if you run a business you will have heard of the General Data Protection Regulation (GDPR), which come into effect on 25 May 2018.
Below are 10 tips that will hopefully make the process a little easier along with a template email at the bottom. If you have any questions or would like me to draft a more personalised email for you, please get in touch with me below or at firstname.lastname@example.org.
I’ll admit that when I first heard about GDPR I wanted to stop sending out newsletters though fortunately, or unfortunately depending on how you look at it, I don’t have that many people on my newsletter list, to begin with. Besides, those newsletters are a great way of keeping in touch and sharing with your target market information about your product or service.
GDPR means that people must explicitly say that they are interested in receiving the emails that you send to them. Below are some key points to help you along.
- Ensure that all key people in your organisation who are likely to obtain data have the written permission to do so.
- All data that you hold must have a reason for each piece of information, so if you have included information about the person’s sexual orientation, for example, the reason why you have that must be shared.
- Hard copies of sign up forms must be kept safely under lock and key and there must be documented evidence that anyone receiving an email has given you prior authorisation to send.
- One way to do this is to send an email asking your subscriber to click on an opt-in button that will secure their information. Yes, there is only a certain amount of time that you can hold any person’s information for, which is for the time that the person is using your services plus seven years.
- If you’re not sure you will need to check in annually to make sure that they are still interested in receiving information.
- Emails must only be for the purpose that the subscriber has signed up for and cannot be bundled up for different purposes. So, I wouldn’t be able to send you information about my yoga classes with the email that you have used to sign up for my newsletter.
- Service users must receive an explanation of how their data will be used and how long it will be kept for. They should as before always have the option to unsubscribe from your services if they wish to.
- Privacy notices also need to be reviewed, these are usually on any website and show how data is to be used. If you don’t have one now could be the time to write one.
The information included in this blog is by no means comprehensive though for further information please see the Information Commissioner’s website. https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Also, check out Suzanne Dibble’s page for lots of useful videos and information. https://suzannedibble.com/gdpr/
Contact me for this month’s sign up printable if you haven’t sent your GDPR email out or if you don’t have a privacy page in place yet.
Sign up for the opportunity to win a day’s worth of copywriting for free – The winner will be announced on this site monthly.